Principal Security Architect

The Principal Security Architect will orchestrate the design and deployment of comprehensive security architectures across cloud platforms, microservices, and enterprise systems within the consumer business. They will drive the development and execution of the consumer security strategy, ensuring the implementation of technology roadmaps that improve and safeguard the company's overall security posture.

This role requires a deep understanding of cloud-native security, application security, data security, and enterprise security technologies. You will work closely with developers, security engineers, and DevSecOps teams to integrate security into the entire software development lifecycle and enterprise infrastructure.

1. Develop and maintain comprehensive security architecture documentation aligned with business goals, enterprise target architecture, and industry standards.
2. Design and implement security frameworks for cloud-native environments, ensuring secure deployment on platforms like GCP and AWS (GCP Preferred), and integrating security into CI/CD pipelines and microservices.
3. Lead the Security Architecture Review Board and promote secure coding practices, ensuring security is embedded, maintained, and thoroughly documented. Build, maintain, and standardize security architecture artifacts, including standards, patterns, and procedures for consistent implementation.
4. Define and implement security standards for data protection, IAM, encryption, network security, and regulatory compliance (GDPR, PCI DSS).
5. Collaborate across teams to integrate security controls, handle threat modelling, and address risks related to application, API, and cloud security.
6. Lead threat modelling exercises and define security controls that address application security risks (e.g., OWASP Top 10, API security) and cloud security standard methodologies.
7. Provide strategic mentorship on security tools and enterprise technologies, advising on secure architecture patterns, cloud automation, and evolving security threats.
8. Own the evaluation of security tools and recommend technologies for intrusion detection and prevention, security monitoring, web application firewalls (WAF), and data encryption, among others.

In order to be considered, you must have the following experience:

1. Excellent leadership and communication skills, with the ability to collaborate across teams, drive and influence security decisions.
2. Experience on producing solution-oriented security documentation that fosters collaboration and drives consensus among stakeholders.
3. Extensive experience in security architecture or a related role, with expertise in cloud platforms (GCP preferred) and enterprise security.
4. Strong knowledge of cloud-native security principles, including identity management, encryption, and network security.
5. Proven experience architecting security solutions in microservice-based architectures and containerized environments (e.g., Kubernetes).
6. Expertise in application security, including secure software development practices, API security, and addressing common vulnerabilities (OWASP Top 10).

We'd also love you to bring:

1. Experience with designing and handling large scale distributed systems in the cloud with clear security boundaries.
2. Hands-on experience with GCP security services (IAM, VPC, Cloud KMS, Cloud Armor) and other cloud-native security tools.
3. Solid understanding of data security practices, including encryption, access control, and key management.
4. Experience in threat modelling, risk assessment, and defining security controls to mitigate risks in digital products and services.

Our goal is to celebrate our people, their lives and everything in-between. We aim to create a culture that empowers everyone to bring the best versions of themselves to work each and every day. We believe the most inclusive and diverse culture makes for a better business and a brighter world.

If we feel like a place where you can belong, we'd love to learn more about you as a person and your experience to date. Once you've submitted an application the next steps of the process, if successful, are likely to include an initial screening call followed by two technical rounds.

When you apply, you'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll be sure to discuss it with you.

Please note: Applications will be reviewed, and interviews conducted throughout the duration of this advert, therefore we may bring the closing date forward. We encourage all interested applicants to apply as soon as possible. If you're offered a job with us, it will be conditional, based on the passing of background checks. All roles require a criminal record check and some roles need a financial probity check. Your recruiter can provide you with more information if needed.

Thanks for your patience and for showing an interest in joining the Virgin Media O2 family.